Starting a few weeks ago, every few days we receive an empty form submission. No subject, no nothing. They must be bypassing the submit button and hitting the server directly because if I submit even an entirely a empty form (validly, via the browser) I get subject line. Additionally, the form is working because valid forms with genuine customer enquiries are coming through too, one every few days.

The IP address is always the same. Checking the IP address all I can see is it's a webhosting outfit in Germany.

I don't think it's causing us a problem. But the customer wants to know why it happens.

2 Answers
2

Someone is probably trying to abuse the form and may be succeeding. They're probably trying to send spam through it and judging by the fact that they can submit an empty form they may be succeeding without your knowledge. There should be server side code in place to catch empty form submissions and throw a friendly error just in case it is a real human being having issues with the form (maybe not in this case but it may happen in others).

As John Conde says, it's probably someone trying to use your script as a spam relay.

I'd recommend modifying the script to log all requests into a file, exactly as POSTed. It might be just an automated script probing for vulnerabilities... or it might be that they're abusing an e-mail header injection vulnerability and the empty messages to you are just a side effect of that. Looking at the log should tell you what's actually going on.